Bitcoin Forum
November 15, 2024, 06:59:40 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: {Warning}: Poloniex Phishing Website  (Read 214 times)
Baofeng (OP)
Legendary
*
Offline Offline

Activity: 2786
Merit: 1681



View Profile
September 09, 2020, 11:37:56 PM
Merited by carlisle1 (2), DdmrDdmr (2), cryptomaniac_xxx (2)
 #1

There is a phishing Poloniex website:

Code:
PHISHING SITE https://polȯniex.com/
xn--polniex-v2c.com



Visually pleasing and really looks like the original and real https://www.poloniex.com/.

But if you are going to magnify the website name, these cyber criminals are using what we call  Homograph or Cyrillic attack

.

The website was created last month.

I already reported this to namecheap:
https://whois.domaintools.com/xn--polniex-v2c.com

Code:
General Information	 
 
Ticket ID #TBZ-974-82258
Type         Issue
Priority High

Subject: Phishing site:https://polȯniex.com/

And also to Google's https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en

 
 RAZED  
███████▄▄▄████▄▄▄▄
████▄███████████████
██▄██████▀▀████▀▀█████▄
████
██████████████
▄████████▄████████████▄
████████▀███████████▄
██████████████▐█▄█▀████████
▀████████████▌▐█▀██████████
▀███████████▌▀████████████
█████████▄▄▄
█████▄▄██████
████████████████████████
█████▀█████████████████▀
██████████████
▄▄███████▄▄
▄███████████████
▄███████████████████▄
█████████████████████▄
▄███████████████████████▄
████████████████████████
█████████████████████████
██████████████████████
▀█████
█████████████████▀
▀█
████████████████████▀
▀█████
█████████████
▀███████████████▀
█████████
 
RAZED ORIGINALS
SLOTS & LIVE CASINO
SPORTSBOOK
|
 NO 
KYC
 
 RAZE THE LIMITS   PLAY NOW 
tranthidung
Legendary
*
Offline Offline

Activity: 2464
Merit: 4279


Farewell o_e_l_e_o


View Profile WWW
September 10, 2020, 02:39:18 AM
 #2

Scammers who own that phishing site use a very old method (Personally I see phishing sites that aim at Poloniex in 2017 when the exchange was the hottest in crypto before it slipped behind Bittrex, then Binance).

I am thankful for you to report it and bring the scam method here so that I think it is a good time to re-read Punycode and how to protect yourself from Homograph Phishing attacks?

For exchanges, to be safe:
  • Bookmark domain addresses
  • Make your own sheets to save domain addresses (for double checks)
  • Use third-party coin market websites, ie. coinmarketcap.com or coingecko.com (for tripple checks)
For crypto newbies, they must visit coinmarketcap.com or coingecko.com or both to check info and get links of exchanges.

What to do to avoid phishing sites
[LEARN] Phishing Quizzes - Beginners & Experts

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
Yogee
Sr. Member
****
Offline Offline

Activity: 1554
Merit: 413


View Profile
September 10, 2020, 03:15:27 AM
 #3

Done reporting the phishing site.

Can you fix the code with the phishing link at the beginning? The fake website isn't that long and can be on a single line. I almost reported poloniexdotcom instead of poloniexdotcom/xn--polniex-v2c.com
pakhitheboss
Hero Member
*****
Offline Offline

Activity: 2310
Merit: 844


Top Crypto Casino


View Profile WWW
September 10, 2020, 04:32:15 AM
 #4

Hey! thanks for the heads up, I have done reporting this URL to Google. I got confused with the way these scammers have set up this URL. I am not sure whether such domain names can be easily purchased or can be created but this is really interesting way of scamming people.

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
Upgrade00
Legendary
*
Online Online

Activity: 2226
Merit: 2370


Playgram - The Telegram Casino


View Profile WWW
September 10, 2020, 06:06:33 AM
 #5

I am not sure whether such domain names can be easily purchased or can be created but this is really interesting way of scamming people.
The original domain name cannot be duplicated exactly as it is already created, but variations to the characters can be added to make it different but it would yet look very similar to the original website. This phishing website can then be spammed on various platforms or sent through email attacks and unsuspecting users can click on it. Scammers also copy the code of the original website to make the layout of the fake one look very similar, but they would include their tweaks to it which would help them retrieve sensitive information like login details, private keys etcetera.

There has been many cases of such phishing website getting on results of search engines like Google, so always double check and triple check websites you visit.

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
[/
DdmrDdmr
Legendary
*
Offline Offline

Activity: 2506
Merit: 11051


There are lies, damned lies and statistics. MTwain


View Profile WWW
September 10, 2020, 06:33:39 AM
 #6

Normally, this type of phishing sites leave plenty of links working, pointing to the original site, but have a fake login page to grab your credentials. Here, all the links (at least all those I tried) redirect you to the login page. When you provide the credentials, it (presumably) traps them, and redirects you to the original Poloniex site, trying to make it look that there was a glitch, and that you needed to provide the credentials again to gain access. If you do, you’d enter your Poloniex account, and may not even have given it a second thought.
Charles-Tim
Legendary
*
Offline Offline

Activity: 1736
Merit: 5216


Leading Crypto Sports Betting & Casino Platform


View Profile
September 10, 2020, 06:39:32 AM
 #7

This has become common some years ago, but what keeps me wondering are domain providers, they ought not to allow some domain names to be used after a similar legit company has taken it. There was one we discussed previously which is a phishing site that is mimicking/similar to atomic wallet. And this type here in question is the one that resemble polonix. Also are another that steal monero from victims recently. I think there should be something that can be done against this fake and scam phishing sites before they are using the site for malicious activities.

Also, people need to learn about this scam methods, it is not something hard at all to learn, from the look of the above phishing website, I can easily conclud they are actually scamming. The domain only resembles polonix but not polonix in any way. Ones we are noticing such similar but not the same domain name, it is easy to fathom out it is a scam.

And about the domain creation date, this has been a very powerful tools to professionals to conclud that the site can belong to a scammer, but some scammers are still very patient to make use of old domain name websites that has been inactive for years but in rear cases.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
plvbob0070
Copper Member
Sr. Member
****
Offline Offline

Activity: 658
Merit: 402


View Profile
September 10, 2020, 07:14:42 AM
 #8

Try to check the URL carefully, and you can clearly see that there’s a diacritic on the letters which you won’t find on their legitimate website. We should be aware that it can be considered as a red flag, and scammers used it to confuse the users. Fortunately, Poloniex has compiled lists of their websites, social media sites, and apps to help their users avoid such incidents.

Reference:
Code:
https://support.poloniex.com/hc/en-us/articles/360041708873-How-to-identify-legitimate-Poloniex-websites-social-media-profiles-and-communications
Mpamaegbu
Legendary
*
Offline Offline

Activity: 2884
Merit: 1233


Once a man, twice a child!


View Profile
September 10, 2020, 07:42:07 AM
 #9

The domain only resembles polonix but not polonix in any way. Ones we are noticing such similar but not the same domain name, it is easy to fathom out it is a scam.
Honestly, you made a valid point in your submission here. Sometimes I wonder why sites with same sounding names are allowed on similar domain as it is highly deceitful. It's the same way we have bitcointalk.org and bitcointalk.com. Even now, I am quite sure not many noticed the missing "e" in the bolded polonix above. A lot of people are too hasty to crosscheck sites they visit from the url which is the simplest service they can avail themselves. I think doing what tranthidung

For crypto newbies, they must visit coinmarketcap.com or coingecko.com or both to check info and get links of exchanges.
suggested here. That's how I have been tackling new sites too.

████████▄▄▄▄▄▄▀▀▀▀▀▀▄
███▄▀▀▀▀▀███████████
███▐▌████████████▀█▀▐▌
███▐▌███▄█▀█████████████████▄▄▄▄
▄▀█████▐█████████▄▄▄▐█▌▄█▌██▀▀
██████▐███▐██▌▄█▀▀▀▐█████▀███▄
▐█
██▐▌██▐████▌█▌█▌███▐█▌█▄▄▄▄██
▐██
▐▌██▐█▌▐█▀█▌▀█▄▄█▐███▀▀▀▀▀▀
████████▐█▌█▌▀▀▀██▀▀████▄▌████▄
███▄███▌▐████▄██▌█▌██▐████▌█▌▄█▀
██▐█▄▄▄▄██████████▌██▐████▌█▌▐██
███▀███▀▀████▌█████▄▄▐█▄▄█▌██▀▀
████████████▀███▌▀▀▀▀██▀▀

 ......NO FEES ON BITCOIN WITHDRAWALS...... 

▄▄███████▄▄
▄███████████████▄
▄███████████████████▄
▄█████████████████████▄
▄███████████████████████▄
█████████████████████████
████████████████████████
█████████████████████████
▀██████████████████████▀
▀█████████████████████▀
▀███████████████████▀
▀███████████████▀
▀▀███████▀▀

▀███████████▀
[
[
RELOAD
BONUS
 

RAKEBACK
BONUS
]
]
[
[
FREE
COINS
 

VIP
REWARDS
]
]
 
........► Play Now .... 
Insanerman
Sr. Member
****
Offline Offline

Activity: 1162
Merit: 450


View Profile
September 10, 2020, 01:09:38 PM
 #10

There is a phishing Poloniex website:

Code:
PHISHING SITE https://polȯniex.com/
xn--polniex-v2c.com

Shouldn't this be moved to Scam Accusations board? This kind of thread fits there more than in here. I know this is just a warning for the beginners, but Poloniex are for trading (which SA is a sub-board of Trading Disc), and most traders or even warnings such this are better be reside on the Scam Acc board. Better move this, it is the newbie/beginner's initiative to take a look on that board as well..



Enough said, as plvbob0070 had mentioned, Poloniex already had this feature to detect if a site with their name is legit or not. It was a problem back then as many had been phishing people with fake Poloniex websites after the platform had its popularity in trading industry.
erikoy
Full Member
***
Offline Offline

Activity: 686
Merit: 125


View Profile
September 10, 2020, 01:27:51 PM
 #11

Another phishing site. Just how many actually are like these in the internet?

So sad that hackers or scammers had done their best too to scam other people being creative enough to make replicate the original site or a hacking program that could record important details of crypto wallet. It may be difficult to deal this fake sites but as long as everyone will keep an awareness to this then it can minimize the possible number of getting phished out of this phishing site. Just always do share and report this kind of activities.
AakZaki
Legendary
*
Offline Offline

Activity: 2338
Merit: 1084


zknodes.org


View Profile WWW
September 11, 2020, 06:17:42 PM
 #12

Phising sites like this trick a lot of people because they use almost the same domain name and only have different signs in a few letters.

The template used is the same and makes no difference. if we are tricked into entering a username and password then we are in a trap.

Usually phishing website links like this are spread via Email or on Telegram with a message stating that you won a Bitcoin prize which can be withdrawn immediately. Must be more careful with phishing websites like this.
dkbit98
Legendary
*
Offline Offline

Activity: 2422
Merit: 7577



View Profile WWW
September 12, 2020, 08:22:39 AM
 #13



It is easy for newbies to fall for this phishing scam.
This is just one reason why Firefox browser is much better than chrome browser, because Firefox is showing exact punny codes
Code:
https://xn--polniex-v2c.com/

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!